Step 6. Change the name of the administrative account
The Danger: Malicious users may attempt to use the built-in 'administrator' user account to gain access to your PC.
The Cause: As mentioned above, every Windows 2000 and XP installation includes an 'administrator' user account which has full control over files and system settings. This account cannot be locked or disabled and is thus the first target for anyone trying to hack into your computer. While the account should already have a password, provided you followed the procedure above, this does not protect it from attack.
The Cure: Rename the administrator account.
Renaming the administrator account adds an extra layer of security by removing the standard user name 'administrator' which any malicious user will try first when attempting to gain access to your PC.
Make sure you are logged in as a user with administrative privileges - the first user created during the XP install process has these, as does the administrator. Right click on 'my computer' and select 'manage.' Expand 'local users and groups' then 'users.'
Highlight the 'administrator' account and right click. Choose 'rename' and change the account to a name of your choosing.
Step 7. Disable 'hidden' shares within XP and 2000
The Danger: Malicious users can easily gain access to every file and folder in your computer.
The Cause: Windows 2000 and XP both use a system of hidden administrative shares. Every drive on your computer system is shared under the name '(drive letter)$.' These shares exist to allow users with the correct username and password to remotely administer files on your computer. Of course, if a malicious user obtains a username and password with administrative rights to your system, all your files and folders are available to them over the Internet. They would be free to copy, change or delete as much of your data as they saw fit.
The Cure: Disable the hidden shares.
Unless you are in a business environment, it is unlikely you will have a need for the hidden shares. Disabling them will considerably reduce the danger of your data being compromised remotely.
You will need to edit the Windows registry using REGEDIT in order to carry out this step. Please ensure that you back up your registry to a file before editing it.
To disable the hidden shares, first start REGEDIT ('start\run' and type 'regedit') and then navigate to:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\lanmanserver\parameters
Add the Dword value 'AutoShareWks' with a value of '0' and restart your computer.
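
The same change made from an administrator command prompt, with a backup taken first and the value read back afterwards. This is an added example, not part of the original article. It assumes reg.exe is available on the machine, it exports only the key being changed rather than the whole registry, and the backup file name is chosen for illustration.

```batch
@echo off
rem Added example: disable the hidden administrative shares without REGEDIT.
rem Assumptions: run by an administrator, reg.exe is present, and BACKUP is
rem a file name chosen for this example.
setlocal
set KEY=HKLM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters
set BACKUP=%USERPROFILE%\lanmanserver-parameters-backup.reg

rem Never overwrite an earlier backup of the key.
if exist "%BACKUP%" goto backup_exists

rem 1. Save the current contents of the key before changing anything.
reg export "%KEY%" "%BACKUP%"
if errorlevel 1 goto export_failed

rem 2. Create (or overwrite) the DWORD value AutoShareWks and set it to 0.
reg add "%KEY%" /v AutoShareWks /t REG_DWORD /d 0 /f
if errorlevel 1 goto write_failed

rem 3. Read the value back to confirm it was written.
reg query "%KEY%" /v AutoShareWks

rem 4. List the current shares. The drive-letter shares stay in this list
rem    until the restart, so run "net share" again after rebooting.
net share

echo Restart the computer for the change to take effect.
goto done

:backup_exists
echo A backup already exists at "%BACKUP%". Move it and run this again.
goto done

:export_failed
echo Could not export the key. No changes were made.
goto done

:write_failed
echo Could not write AutoShareWks. Check that you have administrative rights.

:done
endlocal
```

To undo the change, double-click the exported .reg file to merge it back, delete the AutoShareWks value, and restart.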
Step 8. Change Internet Explorer security settings
The Danger: Viruses and browser hijacking programs can infect your system through the use of ActiveX code on certain websites.
The Cause: By default, Internet Explorer will run certain content, including small programs embedded in the code of a website. An example of this sort of thing would be a pop-up ad asking you whether you wish to install so-and-so's software. Say yes and you may have just saddled yourself with a spyware problem. Certain malicious software may not even have the courtesy to ask before it has its way with your browser.